Date:      Wed, 23 Feb 2005 20:00:26 -0500
From:      James Alexander Cook <james.cook@utoronto.ca>
To:        David Banning <david+dated+1109532666.8c4c1b@skytracker.ca>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: logging proftpd question
Message-ID:  <20050224010026.GA47769@angel.falsifian.afraid.org>
In-Reply-To: <20050222193103.GA79390@skytracker.ca>
References:  <20050222063525.GA4636@skytracker.ca> <20050222175827.GA36707@angel.falsifian.afraid.org> <20050222193103.GA79390@skytracker.ca>

On Tue, Feb 22, 2005 at 02:31:03PM -0500, David Banning wrote:
> > I believe the syntax you want is
> > 
> > ftp.*			/var/log/proftpd.log
> > 
> > Make sure the logfile exists (and is writable),
> > otherwise I think syslog will complain.
> 
> Thanks, fellow Torontonian, for your reply. 
> 
> I tried your suggestion previous to my posting, with no result.
> 
> Now, could something in the;
> 
> 
> I tried your suggestion previous to my posting, with no result.  I
> also did a "touch /var/log/proftpd.log" and "chmod 600
> /var/log/proftpd.log"
> 
> The line;
> 
> *.notice;kern.debug;lpr.info;mail.crit;news.err /var/log/messages
> 
> is what is grabbing the messages I want to redirect. (I believe *.notice)
> 
> I just wonder if the line I just mentioned takes the log entry, if another
> can still take it. Can a log entry only be logged once? Or can you have
> it go to multiple files? (via multiple syslog.conf entries)

I'm pretty sure a log entry can go to as many files as you want.  For example,
my syslog.conf file currently has

*.err;kern.debug;auth.notice;mail.crit          /dev/console
*.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err   /var/log/messages
security.*                                      /var/log/security
auth.info;authpriv.info                         /var/log/auth.log
mail.info                                       /var/log/maillog
lpr.info                                        /var/log/lpd-errs
ftp.info                                        /var/log/xferlog
cron.*                                          /var/log/cron
*.=debug                                        /var/log/debug.log
*.emerg                                         *
*.*                                             /var/log/all.log
!startslip
*.*                                             /var/log/slip.log
!ppp
*.*                                             /var/log/ppp.log

All of my log messages end up in /var/log/all.log, even though they're also put in /var/log/messages.

The only thing I can think of is that you might have a program or hostname
specification that's messing things up (any line starting with !, #!, + or +!).
Anything following such a line will only apply to certain things; for example,
the only things that end up in /var/log/ppp.log in my configuration are
ppp-related messages (even though the ppp.log line starts with *.*).

That's all I can think of, anyway.  I never touched my syslog.conf file before
a few days ago, so I'm hardly an authority.

> 
> It sure would be easier if in the log entry it said "ftp.notice" or
> some such thing so you -know- how it is being directed.
> 
> I have tried running syslog with -d and -vv and there seems to be no
> indication of what facility name is used.
> 

- James Cook
  james.cook@utoronto.ca
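
Added example, not part of the original message and not syslogd's own code: a simplified Python model of the two behaviours discussed above, namely that one message is written to every line whose selectors match it, and that a !program line scopes all the lines after it. The sample config is constructed from lines quoted in the thread; hostname (+host) specifications and comparison flags are not modelled, and the function names are hypothetical.

```python
# Simplified model of FreeBSD syslog.conf matching (added example, subset of the syntax).
LEVELS = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

# Constructed sample config, modelled on the lines quoted in the thread.
SAMPLE_CONF = """\
*.notice;kern.debug;lpr.info;mail.crit;news.err   /var/log/messages
ftp.*                                             /var/log/proftpd.log
*.*                                               /var/log/all.log
!ppp
*.*                                               /var/log/ppp.log
"""

def selector_verdict(selector, facility, level):
    """True/False if this selector covers the facility, None if it says nothing about it."""
    facs, _, lvl = selector.partition(".")
    if facs != "*" and facility not in facs.split(","):
        return None
    if lvl == "none":
        return False
    if lvl == "*":
        return True
    if lvl.startswith("="):                      # exact level only
        return level == lvl[1:]
    return LEVELS.index(level) <= LEVELS.index(lvl)   # that severity or worse

def destinations(conf, program, facility, level):
    """Return every action whose line matches the message, in file order."""
    scope, hits = "*", []
    for line in conf.splitlines():
        line = line.strip()
        if line.startswith("#!"):                # '#!prog' is treated like '!prog'
            line = line[1:]
        if not line or line.startswith("#"):
            continue
        if line.startswith("!"):                 # program block: scopes later lines
            scope = line[1:].strip() or "*"
            continue
        if scope != "*" and scope != program:
            continue
        selectors, action = line.split(None, 1)
        verdict = False
        for sel in selectors.split(";"):         # last selector covering the facility wins
            v = selector_verdict(sel, facility, level)
            if v is not None:
                verdict = v
        if verdict:
            hits.append(action)
    return hits
```

Calling destinations(SAMPLE_CONF, "proftpd", "ftp", "notice") returns all three unscoped log files; moving the ftp.* line below !ppp makes the same call return nothing for that line, which is the misconfiguration suggested in the reply.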


